]> source.dussan.org Git - sonarqube.git/blob
c7a8df54604d85805cf3e1b543ad148c81cbf17f
[sonarqube.git] /
1 /*
2  * SonarQube
3  * Copyright (C) 2009-2022 SonarSource SA
4  * mailto:info AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.almsettings.ws;
21
22 import org.assertj.core.api.Assertions;
23 import org.junit.Before;
24 import org.junit.Rule;
25 import org.junit.Test;
26 import org.sonar.api.config.internal.Encryption;
27 import org.sonar.api.server.ws.WebService;
28 import org.sonar.db.DbTester;
29 import org.sonar.db.alm.setting.AlmSettingDto;
30 import org.sonar.db.user.UserDto;
31 import org.sonar.server.almsettings.MultipleAlmFeatureProvider;
32 import org.sonar.server.component.ComponentFinder;
33 import org.sonar.server.exceptions.ForbiddenException;
34 import org.sonar.server.exceptions.NotFoundException;
35 import org.sonar.server.tester.UserSessionRule;
36 import org.sonar.server.ws.TestRequest;
37 import org.sonar.server.ws.WsActionTester;
38
39 import static java.lang.String.format;
40 import static org.assertj.core.api.Assertions.assertThat;
41 import static org.assertj.core.api.Assertions.assertThatThrownBy;
42 import static org.assertj.core.groups.Tuple.tuple;
43 import static org.mockito.Mockito.mock;
44 import static org.mockito.Mockito.when;
45
46 public class UpdateGitlabActionTest {
47
48   @Rule
49   public UserSessionRule userSession = UserSessionRule.standalone();
50   @Rule
51   public DbTester db = DbTester.create();
52
53   private static String GITLAB_URL = "gitlab.com/api/v4";
54
55   private final Encryption encryption = mock(Encryption.class);
56   private final MultipleAlmFeatureProvider multipleAlmFeatureProvider = mock(MultipleAlmFeatureProvider.class);
57
58   private WsActionTester ws = new WsActionTester(new UpdateGitlabAction(db.getDbClient(), userSession,
59     new AlmSettingsSupport(db.getDbClient(), userSession, new ComponentFinder(db.getDbClient(), null), multipleAlmFeatureProvider)));
60
61   @Before
62   public void before() {
63     when(multipleAlmFeatureProvider.enabled()).thenReturn(true);
64   }
65
66   @Test
67   public void update_without_url() {
68     UserDto user = db.users().insertUser();
69     userSession.logIn(user).setSystemAdministrator();
70
71     TestRequest request = ws.newRequest()
72       .setParam("key", "Gitlab - Dev Team")
73       .setParam("personalAccessToken", "98765432100");
74
75     Assertions.assertThatThrownBy(request::execute)
76       .isInstanceOf(IllegalArgumentException.class)
77       .hasMessage("The 'url' parameter is missing");
78   }
79
80   @Test
81   public void update_with_url() {
82     UserDto user = db.users().insertUser();
83     userSession.logIn(user).setSystemAdministrator();
84
85     AlmSettingDto almSettingDto = db.almSettings().insertGitlabAlmSetting();
86
87     ws.newRequest()
88       .setParam("key", almSettingDto.getKey())
89       .setParam("url", GITLAB_URL)
90       .setParam("personalAccessToken", "10987654321")
91       .execute();
92     assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
93       .extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, s -> s.getDecryptedPersonalAccessToken(encryption))
94       .containsOnly(tuple(almSettingDto.getKey(), GITLAB_URL, "10987654321"));
95   }
96
97   @Test
98   public void update_with_new_key() {
99     UserDto user = db.users().insertUser();
100     userSession.logIn(user).setSystemAdministrator();
101
102     AlmSettingDto almSettingDto = db.almSettings().insertGitlabAlmSetting();
103
104     ws.newRequest()
105       .setParam("key", almSettingDto.getKey())
106       .setParam("newKey", "Gitlab - Infra Team")
107       .setParam("personalAccessToken", "0123456789")
108       .setParam("url", GITLAB_URL)
109       .execute();
110
111     assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
112       .extracting(AlmSettingDto::getKey, s -> s.getDecryptedPersonalAccessToken(encryption), AlmSettingDto::getUrl)
113       .containsOnly(tuple("Gitlab - Infra Team", "0123456789", GITLAB_URL));
114   }
115
116   @Test
117   public void update_without_pat() {
118     UserDto user = db.users().insertUser();
119     userSession.logIn(user).setSystemAdministrator();
120
121     AlmSettingDto almSettingDto = db.almSettings().insertGitlabAlmSetting();
122
123     ws.newRequest()
124       .setParam("key", almSettingDto.getKey())
125       .setParam("url", GITLAB_URL)
126       .execute();
127     assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
128       .extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, s -> s.getDecryptedPersonalAccessToken(encryption))
129       .containsOnly(tuple(almSettingDto.getKey(), GITLAB_URL, almSettingDto.getDecryptedPersonalAccessToken(encryption)));
130   }
131
132   @Test
133   public void fail_when_key_does_not_match_existing_alm_setting() {
134     UserDto user = db.users().insertUser();
135     userSession.logIn(user).setSystemAdministrator();
136
137     assertThatThrownBy(() -> ws.newRequest()
138       .setParam("key", "unknown")
139       .setParam("personalAccessToken", "0123456789")
140       .setParam("url", GITLAB_URL)
141       .execute())
142       .isInstanceOf(NotFoundException.class)
143       .hasMessageContaining("ALM setting with key 'unknown' cannot be found");
144   }
145
146   @Test
147   public void fail_when_new_key_matches_existing_alm_setting() {
148     UserDto user = db.users().insertUser();
149     userSession.logIn(user).setSystemAdministrator();
150     AlmSettingDto almSetting1 = db.almSettings().insertGitlabAlmSetting();
151     AlmSettingDto almSetting2 = db.almSettings().insertGitlabAlmSetting();
152
153     assertThatThrownBy(() -> ws.newRequest()
154       .setParam("key", almSetting1.getKey())
155       .setParam("newKey", almSetting2.getKey())
156       .setParam("personalAccessToken", "0123456789")
157       .setParam("url", GITLAB_URL)
158       .execute())
159       .isInstanceOf(IllegalArgumentException.class)
160       .hasMessageContaining(format("An ALM setting with key '%s' already exists", almSetting2.getKey()));
161   }
162
163   @Test
164   public void fail_when_missing_administer_system_permission() {
165     UserDto user = db.users().insertUser();
166     userSession.logIn(user);
167     AlmSettingDto almSettingDto = db.almSettings().insertGitlabAlmSetting();
168
169     assertThatThrownBy(() -> ws.newRequest()
170       .setParam("key", almSettingDto.getKey())
171       .setParam("newKey", "Gitlab - Infra Team")
172       .setParam("personalAccessToken", "0123456789")
173       .setParam("url", GITLAB_URL)
174       .execute())
175       .isInstanceOf(ForbiddenException.class);
176   }
177
178   @Test
179   public void definition() {
180     WebService.Action def = ws.getDef();
181
182     assertThat(def.since()).isEqualTo("8.1");
183     assertThat(def.isPost()).isTrue();
184     assertThat(def.params())
185       .extracting(WebService.Param::key, WebService.Param::isRequired)
186       .containsExactlyInAnyOrder(tuple("key", true), tuple("newKey", false), tuple("personalAccessToken", false), tuple("url", true));
187   }
188
189 }